crypt tests
This commit is contained in:
Brad Rydzewski
parent
b7e4d6cb29
commit
e728152059
2 changed files with 6 additions and 8 deletions
|
|
@ -11,8 +11,6 @@ import (
|
||||||
"github.com/drone/drone/Godeps/_workspace/src/gopkg.in/yaml.v2"
|
"github.com/drone/drone/Godeps/_workspace/src/gopkg.in/yaml.v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
const BlockSize = 32 // AES256
|
|
||||||
|
|
||||||
// Parse parses and returns the secure section of the
|
// Parse parses and returns the secure section of the
|
||||||
// yaml file as plaintext parameters.
|
// yaml file as plaintext parameters.
|
||||||
func Parse(key, raw string) (map[string]string, error) {
|
func Parse(key, raw string) (map[string]string, error) {
|
||||||
|
|
@ -33,14 +31,14 @@ func Encrypt(key, text string) (_ string, err error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ciphertext := make([]byte, BlockSize+len(plaintext))
|
ciphertext := make([]byte, aes.BlockSize+len(plaintext))
|
||||||
iv := ciphertext[:aes.BlockSize]
|
iv := ciphertext[:aes.BlockSize]
|
||||||
if _, err = io.ReadFull(rand.Reader, iv); err != nil {
|
if _, err = io.ReadFull(rand.Reader, iv); err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
stream := cipher.NewCFBEncrypter(block, iv)
|
stream := cipher.NewCFBEncrypter(block, iv)
|
||||||
stream.XORKeyStream(ciphertext[BlockSize:], plaintext)
|
stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
|
||||||
|
|
||||||
return base64.URLEncoding.EncodeToString(ciphertext), nil
|
return base64.URLEncoding.EncodeToString(ciphertext), nil
|
||||||
}
|
}
|
||||||
|
|
@ -57,12 +55,12 @@ func Decrypt(key, text string) (_ string, err error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(ciphertext) < BlockSize {
|
if len(ciphertext) < aes.BlockSize {
|
||||||
err = fmt.Errorf("ciphertext too short")
|
err = fmt.Errorf("ciphertext too short")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
iv := ciphertext[:aes.BlockSize]
|
iv := ciphertext[:aes.BlockSize]
|
||||||
ciphertext = ciphertext[BlockSize:]
|
ciphertext = ciphertext[aes.BlockSize:]
|
||||||
|
|
||||||
stream := cipher.NewCFBDecrypter(block, iv)
|
stream := cipher.NewCFBDecrypter(block, iv)
|
||||||
stream.XORKeyStream(ciphertext, ciphertext)
|
stream.XORKeyStream(ciphertext, ciphertext)
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,7 @@ func Test_Secure(t *testing.T) {
|
||||||
|
|
||||||
g.It("Should decrypt a map", func() {
|
g.It("Should decrypt a map", func() {
|
||||||
params := map[string]string{
|
params := map[string]string{
|
||||||
"foo": "dG0H-Kjg4lZ8s-4WwfaeAgAAAAAAAAAAAAAAAAAAAADKUC-q4zHKDHzH9qZYXjGl1S0=",
|
"foo": "2NQPoQfxPERVi42OEYzuVTjQrEQSrcN2-Pwk4kTlIVN5HA==",
|
||||||
}
|
}
|
||||||
err := DecryptMap(key, params)
|
err := DecryptMap(key, params)
|
||||||
g.Assert(err == nil).IsTrue()
|
g.Assert(err == nil).IsTrue()
|
||||||
|
|
@ -47,7 +47,7 @@ func Test_Secure(t *testing.T) {
|
||||||
})
|
})
|
||||||
|
|
||||||
g.It("Should decrypt a yaml", func() {
|
g.It("Should decrypt a yaml", func() {
|
||||||
yaml := `secure: {"foo": "dG0H-Kjg4lZ8s-4WwfaeAgAAAAAAAAAAAAAAAAAAAADKUC-q4zHKDHzH9qZYXjGl1S0="}`
|
yaml := `secure: {"foo": "2NQPoQfxPERVi42OEYzuVTjQrEQSrcN2-Pwk4kTlIVN5HA=="}`
|
||||||
decrypted, err := Parse(key, yaml)
|
decrypted, err := Parse(key, yaml)
|
||||||
g.Assert(err == nil).IsTrue()
|
g.Assert(err == nil).IsTrue()
|
||||||
g.Assert(decrypted["foo"]).Equal("super_duper_secret")
|
g.Assert(decrypted["foo"]).Equal("super_duper_secret")
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue